Paul's Security Weekly - Episode 362 for Thursday February 13th, 2014
- Security Weekly will be at the SANS ICS Summit from March 12-18th, doing a live podcast on Sunday night, covering the courses and attending the 2-day summit. Security Weekly subscribers can now enjoy a 20% off discount code! Use SecurityWeekly20 on checkout to get that discount applied. This conference will be held in Orlando at the Contemporary Resort & Convention Center in sunny Orlando, FL REGISTER NOW!
- We are looking for sponsors for our weekly webcasts and shows. Contact paul -at- hacknaked.tv for details, there are still a few slots available!
- SECURITY B-SIDES ORLANDO April 5-6th, 2014 : "COMMUNITY DRIVEN EVENT SEEKING TO BRING TOGETHER CENTRAL FLORIDA INFOSEC WITH A PASSION FOR MAKING, BREAKING, AND PROTECTING."
- Paul will be speaking at this years Northeast Linux Fest which will be held on April 5 of 2014 at Harvard University and on April 6.
- Pwnie Express will be at RSA 2014 at San Francisco's Moscone Center from 24 - 28 of February. If you're planning to attend, we'd love to have you stop by our booth (#2513). We're going to be offering special show pricing and also signing people up towin a Pwn Pad 2014.
- I'm also slated to speak at the Charlotte ISSA conference in 2014 and the NOLA conference in New Orleans in June.
Guest Interview:Paul Paget
Paul was appointed CEO of Pwnie Express in August 2013 to help grow it into the leader for testing the security of remote operations. Joining Dave Porcello, the founder, and his outstanding team. The PWN Plug has created a hit and they aim to make it a standard around the world. It radically simplifies and reduces the cost of assessing security, especially in hard to reach out of the way part of an organization such as bank offices, stores and off shore facilities.
- How did you get your start working for and/or starting security companies?
- You have been CEO for a few different companies, what is your best asset as CEO?
- Tell us about Pwnie Express, who needs your products and why? What problems do your products solve?
- Many are familiar with the PwnPlug, tell us about some new features and more about the expanding product line
- What's next for Pwnie Express?
- Recently you've formed a partnership with Tenable Network Security, what can you tell us about that?
- For those visiting RSA, what can they expect to find at your booth?
- Three words to describe yourself
- If you were a serial killer, what would be your weapon of choice?
- If you wrote a book about yourself, what would the title be?
- In the popular game of Ass Grabby Grabby do you prefer to go first or second?
- If you could have dinner with one celebrity, who would it be?
Tech Segment: Joff Thyer on DjangoSCA
Django Static Code Analysis
DjangoSCA is a python based Django project source code security auditing system that makes use of the Django framework itself, the Python Abstract Syntax Tree (AST) library, and regular expressions. Django projects are laid out in a directory structure that conforms to a standard form using known classes, and standard file naming such as settings.py, urls.py, views.py, and forms.py.
DjangoSCA is designed for the user to pass the root directory of the Django project as an argument to the program, from which it will recursively descend through the project files and perform source code checks on all python source code, and Django template files.
- Email Attack on Vendor Set Up Breach at Target
- Egor Homakov: How I hacked Github again.
- Cheat Sheets - OWASP - I love cheat sheets, here are some.
- Cheat Sheets - Packet Life - And because I love them so much, here are some more!#Re-enabling JTAG and Debugging the WRT120N - Craig is my hero, check this out "Desoldering the flash chip and overwriting the bootloader with this patch got me past the bootloader and into the main OS". This dude is persistent, and comes out with awesome tutorials on how to hack embedded systems, I am constantly amazed.#Cracking Linksys “Encryption” - It took him longer to write the post than it did to break the "encryption". Turns out to be XOR. Awesome, or not.
- Extreme Vulnerability at the Edge of the Internet - A Fresh New Universal Human-Rights Problem - I have not yet read the full paper, but Paul's insights are really interesting. Make sure you check it out. Yea, and he is why we call it "vixie-cron" :)
- “Please Don’t Lock this Door Tonight” - Such a simple attack, right from the 70's, leave a note on the door that says "please leave this unlocked", and low and behold, people will. So much easier than lock picking! Not sure why this story is making the rounds, but shows just how vulnerable we all are to social engineering. As humans, we just want to be helpful, and sometimes that works against us!
- The Failure of the PCI-DSS?
- HTTP NTLM Information Disclosure
- NTP Reflection Attacks - This pretty basic attack has been floating around the press lately. Specially crafted NTP packets can produce an amplification attack. We've known about this for a while, could it have been prevented? Why do ISPs let this happen? I mean, you can block NTP, but then no one would know what time it is... You can look inside the packets, but that takes, well, time. Heh.
- "Linksys Worm (""TheMoon"") Captured - Really interesting attack on Linksys routers. Looks to me like there is a backdoor admin account on this model Linksys, though no one is sure. Then, once authenticated, there is a command injection vulnerability on a script. No idea if there is a patch for this firmware. However, worm is spreading and doing some massive scanning. This is exciting to me.
- HVAC Integrator’s ‘Billing’ Connection Led to Target Breach
- Detecting Car Hacks
- BBC News - Huge hack 'ugly sign of future' for internet threats
- How I hacked Instagram to see your private photos - insertCoin
- A Snapchat Hack Is Sending People Pictures of Smoothies
- Edward Snowden Got a Bunch of NSA Info By Stealing a Coworker's Password
- Suspected Mass Exploit Against Linksys E1000 / E1200 Routers - Internet Security | SANS ISC
- Have a Linksys router? Now's a good time to update that firmware
- Hacked X-Rays Could Slip Guns Past Airport Security
- Meet The Man Who Hacked Jeopardy
- Snowden's tools for hacking NSA not exactly high tech
- John McAfee declares war on Android
- Technical Details Behind a 400Gbps NTP Amplification DDoS Attack A good writeup by Cloudflare who recently saw yet another record-breaking DDOS attack against their network. According to Cloudflare, NTP amplification can be up to 206 times, while traditional DNS reflection amplification is only about 5 times. Wow
DDoS amplification over UDP protocols strikes again. NTP is a long time resident of the Internet, often outdated, overlooked, and definitely underestimated for its attack potential!
This ongoing target breach discussion illustrates the need for tightly controlled, sponsor based credential management of visiting contractors. It also illustrates the potential weakness of a central authentication source. It is not too far fetched to consider that vendor/contractor credentials should not live within the same Active Directory domain as organizational centric credentials.
Heads up security people! Microsoft wants you to pitch in help your family.